WP Blast SEO & Performance Booster Plugin Cross-Site Request Forgery Vulnerability

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the WP Blast | SEO & Performance Booster plugin for WordPress, affecting all versions through 1.8.6. The vulnerability arises from inadequate nonce validation on several administrative actions within the Settings class. This flaw allows unauthenticated attackers to initiate cache purging, sitemap clearing, plugin data purging, and score resetting operations via forged requests, provided they can deceive a site administrator into clicking a link.

Impact

Exploitation of this vulnerability allows for Cross-Site Request Forgery, enabling attackers to perform actions on behalf of the user without their consent, potentially leading to unauthorized changes or data manipulation.

Reproduction

To reproduce this vulnerability, an attacker must trick a WordPress site administrator into clicking a link that sends a request to the site. This can be done by creating a link that, when clicked, triggers one of the vulnerable actions, such as clearing the cache or sitemap. The absence of proper nonce validation allows these actions to be performed without the administrator's knowledge or consent.

Remediation

Users are advised to update the WP Blast | SEO & Performance Booster plugin to version 1.8.7 or later, where this vulnerability has been patched.